$ rpki-client -vvf rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/DF4A9778E56111EBB6ADAC1FC4F9AE02.roa File: DF4A9778E56111EBB6ADAC1FC4F9AE02.roa (raw, json) Hash identifier: 7YP6LxWl7dkCnCVqA7kwHKVIUJLy8r36Co7rSRMJ1FU= Subject key identifier: A0:08:81:59:F7:A1:F4:0E:85:E1:95:AD:0F:DF:75:93:A2:D5:37:D5 Certificate issuer: /CN=A915D03A/serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91 Certificate serial: 188D Authority key identifier: 61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/DF4A9778E56111EBB6ADAC1FC4F9AE02.roa Signing time: Wed 10 Apr 2024 12:55:29 +0000 ROA not before: Wed 10 Apr 2024 12:55:29 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 24319 IP address blocks: 60.254.128.0/24 maxlen: 24 60.254.153.0/24 maxlen: 24 125.56.209.0/24 maxlen: 24 125.56.217.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 16:27:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6285 (0x188d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915D03A/serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91 Validity Not Before: Apr 10 12:55:29 2024 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=66168c41-7196 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:f3:96:3e:b2:1f:7a:47:42:e6:8b:19:2a:d1: f3:66:2a:1d:f1:82:8b:72:ac:3a:fd:f1:47:f9:7e: 8b:aa:e3:f1:cf:a6:f8:a3:21:ef:24:aa:d4:89:f3: 94:67:06:61:4c:93:39:ce:45:ef:c0:06:47:b8:d1: 22:d0:69:97:9f:81:60:ea:f4:58:5d:c8:aa:a1:20: af:42:67:a2:f7:13:e9:76:e8:15:db:39:df:ff:bb: 32:c2:37:a6:6c:2d:f5:9c:c3:48:35:72:ef:30:d8: 83:eb:b8:3a:01:82:c0:b0:e4:7e:a6:6e:06:63:1d: 70:d1:95:7f:a1:99:e0:32:1f:6c:ee:d6:39:8c:93: 45:0c:8e:62:94:86:32:d1:2d:e3:ee:3d:d3:bc:f0: c4:0f:0b:8e:17:39:f4:33:4c:c8:d1:44:cf:b9:95: a7:33:0e:50:d8:34:35:41:4a:05:81:a7:84:bd:96: c9:31:28:a7:6e:ae:cc:96:26:32:29:2b:4d:29:f0: d2:8e:71:30:1e:b3:46:fc:19:65:cf:e2:80:9a:a7: 60:23:7e:75:e7:fa:48:1e:05:d4:9e:9f:0f:8b:5e: 7c:4d:46:05:b9:38:24:9d:53:4d:12:f5:ee:2b:e3: bb:96:ea:b9:3e:ec:20:ed:54:3f:68:cb:37:b9:94: 5a:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:08:81:59:F7:A1:F4:0E:85:E1:95:AD:0F:DF:75:93:A2:D5:37:D5 X509v3 Authority Key Identifier: keyid:61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/DF4A9778E56111EBB6ADAC1FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 60.254.128.0/24 60.254.153.0/24 125.56.209.0/24 125.56.217.0/24 Signature Algorithm: sha256WithRSAEncryption bb:39:42:c7:70:a2:80:59:d7:b7:ea:3c:2a:02:18:19:15:94: cc:39:4a:4d:f3:3a:73:43:ec:cf:50:1a:18:c0:85:02:c4:fe: 52:af:1e:5d:58:8c:31:d8:31:a8:7d:ab:08:44:e4:58:4b:57: d8:1c:95:34:e1:24:81:ca:df:22:ac:04:36:2a:9e:a1:24:7e: 3d:1a:ac:e6:cf:28:ed:6d:5f:03:88:f3:c8:dd:6e:c4:02:cd: f7:7a:37:d5:76:c1:57:13:cf:d5:e3:0c:b9:9e:43:46:d4:d5: 4c:54:14:db:cb:c1:9c:9d:6d:0d:0c:92:89:68:4e:32:93:44: 73:6a:62:18:4e:83:10:81:59:af:01:29:30:ad:7d:71:6b:6f: c6:8b:9f:12:2b:88:a7:31:a4:e4:11:d5:69:9a:70:46:2c:29: 91:4f:16:29:c0:c1:66:ee:78:08:cf:1e:2b:c8:2c:01:47:c1: 65:c9:0f:d9:fb:b2:af:c6:64:b5:eb:52:83:2a:9b:3e:81:9c: f7:72:17:de:be:ab:5b:de:e4:7c:73:64:57:0a:c6:4c:8d:7d: 4e:28:b5:98:8b:47:96:75:f6:6e:8f:f3:cd:f3:7b:a0:1a:63: d0:4e:20:2d:41:7f:0c:c4:80:73:06:68:dc:73:29:af:b4:d8: df:ff:4b:92 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICGI0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUQwM0ExMTAvBgNVBAUTKDYxNUVEODRDNDRFNjU3RjcwOTVFMDIxMkFGRUEwNTJD NTQyQTBEOTEwHhcNMjQwNDEwMTI1NTI5WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NjE2OGM0MS03MTk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqPOWPrIfekdC5osZKtHzZiod8YKLcqw6/fFH+X6LquPxz6b4oyHvJKrUifOU ZwZhTJM5zkXvwAZHuNEi0GmXn4Fg6vRYXciqoSCvQmei9xPpdugV2znf/7sywjem bC31nMNINXLvMNiD67g6AYLAsOR+pm4GYx1w0ZV/oZngMh9s7tY5jJNFDI5ilIYy 0S3j7j3TvPDEDwuOFzn0M0zI0UTPuZWnMw5Q2DQ1QUoFgaeEvZbJMSinbq7MliYy KStNKfDSjnEwHrNG/Bllz+KAmqdgI3515/pIHgXUnp8Pi158TUYFuTgknVNNEvXu K+O7luq5Puwg7VQ/aMs3uZRaJQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFKAIgVn3 ofQOheGVrQ/fdZOi1TfVMB8GA1UdIwQYMBaAFGFe2ExE5lf3CV4CEq/qBSxUKg2R MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDAzQS8xQjY0NzcxMDky NDYxMUU3OUFBRUJFMTBDNEY5QUUwMi9ZVjdZVEVUbVZfY0pYZ0lTci1vRkxGUXFE WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lWN1lURVRtVl9jSlhnSVNyLW9GTEZRcURaRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NUQwM0EvMUI2NDc3MTA5MjQ2MTFFNzlBQUVCRTEwQzRGOUFFMDIvREY0QTk3NzhF NTYxMTFFQkI2QURBQzFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBAA8/oADBAA8/pkDBAB9ONEDBAB9ONkwDQYJKoZIhvcNAQEL BQADggEBALs5QsdwooBZ17fqPCoCGBkVlMw5Sk3zOnND7M9QGhjAhQLE/lKvHl1Y jDHYMah9qwhE5FhLV9gclTThJIHK3yKsBDYqnqEkfj0arObPKO1tXwOI88jdbsQC zfd6N9V2wVcTz9XjDLmeQ0bU1UxUFNvLwZydbQ0MkoloTjKTRHNqYhhOgxCBWa8B KTCtfXFrb8aLnxIriKcxpOQR1WmacEYsKZFPFinAwWbueAjPHivILAFHwWXJD9n7 sq/GZLXrUoMqmz6BnPdyF96+q1ve5HxzZFcKxkyNfU4otZiLR5Z19m6P883ze6Aa Y9BOIC1BfwzEgHMGaNxzKa+02N//S5I= -----END CERTIFICATE-----Generated at Wed Nov 20 19:05:19 2024 by rpki-client on console-ams.rpki-client.org